Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > uk.comp.homebuilt > #60671 > unrolled thread
| Started by | David <wibble@btinternet.com> |
|---|---|
| First post | 2026-06-16 13:09 +0000 |
| Last post | 2026-06-17 08:11 +0000 |
| Articles | 12 — 8 participants |
Back to article view | Back to uk.comp.homebuilt
On device enforcement of age verification? David <wibble@btinternet.com> - 2026-06-16 13:09 +0000
Re: On device enforcement of age verification? Theo <theom+news@chiark.greenend.org.uk> - 2026-06-16 14:56 +0100
Re: On device enforcement of age verification? Ian <${send-direct-email-to-news1021-at-jusme-dot-com-if-you-must}@jusme.com> - 2026-06-16 16:58 +0000
Re: On device enforcement of age verification? Richard Kettlewell <invalid@invalid.invalid> - 2026-06-16 22:48 +0100
Re: On device enforcement of age verification? Mike Scott <usenet.16@scottsonline.org.uk.invalid> - 2026-06-17 08:24 +0100
Re: On device enforcement of age verification? Richard Kettlewell <invalid@invalid.invalid> - 2026-06-17 08:44 +0100
Re: On device enforcement of age verification? Chris <ithinkiam@gmail.com> - 2026-06-16 14:29 +0000
Re: On device enforcement of age verification? "s|b" <me@privacy.invalid> - 2026-06-16 17:03 +0200
Re: On device enforcement of age verification? Chris <ithinkiam@gmail.com> - 2026-06-16 23:31 +0000
Re: On device enforcement of age verification? "s|b" <me@privacy.invalid> - 2026-06-17 15:48 +0200
Re: On device enforcement of age verification? Richard Kettlewell <invalid@invalid.invalid> - 2026-06-16 17:27 +0100
Re: On device enforcement of age verification? Gordon <Gordon@leaf.net.nz> - 2026-06-17 08:11 +0000
| From | David <wibble@btinternet.com> |
|---|---|
| Date | 2026-06-16 13:09 +0000 |
| Subject | On device enforcement of age verification? |
| Message-ID | <n9d08kFbucoU4@mid.individual.net> |
I was wondering how they expected to do this. Are they assuming that all access to social media will be via a mobile phone or tablet? I can't see on device enforcement working for a PC. Even if Apple and Microsoft cave, there are older versions of Windows and a whole raft of Linux distributions. Perhaps I should hang onto my stock of non W10 compatible devices to install Linux (or other Unix-a-like) to rent out to mid-teens to stay connected. Cheers Dave R -- AMD FX-6300 in GA-990X-Gaming SLI-CF running Windows 10 x64 -- This email has been checked for viruses by Avast antivirus software. www.avast.com
[toc] | [next] | [standalone]
| From | Theo <theom+news@chiark.greenend.org.uk> |
|---|---|
| Date | 2026-06-16 14:56 +0100 |
| Message-ID | <+7F*cwfJA@news.chiark.greenend.org.uk> |
| In reply to | #60671 |
David <wibble@btinternet.com> wrote: > I was wondering how they expected to do this. > > Are they assuming that all access to social media will be via a mobile > phone or tablet? > > I can't see on device enforcement working for a PC. > Even if Apple and Microsoft cave, there are older versions of Windows and > a whole raft of Linux distributions. > > Perhaps I should hang onto my stock of non W10 compatible devices to > install Linux (or other Unix-a-like) to rent out to mid-teens to stay > connected. For the NY or California laws, it's about the user having an OS level age flag[*]. That's set up when the user account is created, eg by the administrator or the parent who does the first setup. Then apps (and presumably web apps via a web API) can query the flag as to whether the user is of age and decide whether to enable certain risky features. That means you can give a phone or laptop to a child and 'adult' apps won't work. Presumably they can't trivially reset the flag without the administrator password, which they'd have to ask the parent for. On PCs you could always reformat the PC and install OpenBSD, but the parent might notice. Parents could also enroll the PC in MDM to prevent a factory reset if they wanted. Some Linux/BSD distros are/have implemented such a feature: https://github.com/BryanLunduke/DoesItAgeVerify [*] not sure the specifics, but I assume it would only report coarse-grained outputs, like 'under 13', '13-16', '16-18', '18+' rather than the actual birthday. That's how Midnight BSD does it: https://github.com/MidnightBSD/src/blob/master/usr.sbin/aged/aged.8#L114
[toc] | [prev] | [next] | [standalone]
| From | Ian <${send-direct-email-to-news1021-at-jusme-dot-com-if-you-must}@jusme.com> |
|---|---|
| Date | 2026-06-16 16:58 +0000 |
| Message-ID | <slrn113304r.3j0.${send-direct-email-to-news1021-at-jusme-dot-com-i@vm46.home.jusme.com> |
| In reply to | #60672 |
On 2026-06-16, Theo <theom+news@chiark.greenend.org.uk> wrote: > On PCs you could always reformat the PC and install OpenBSD Don't forget Microsoft controls the bootloader on all modern PCs[1]. Not a huge step to these "apps" requiring a "secure" OS on a "secure" device. There's a reason a TPM is required for Windows 11, and it ain't for the users benefit... </tinfoilhat> [1] https://www.redhat.com/en/blog/expiration-secure-boot-signing-certificates-2026 -- Ian "Tamahome!!!" - "Miaka!!!"
[toc] | [prev] | [next] | [standalone]
| From | Richard Kettlewell <invalid@invalid.invalid> |
|---|---|
| Date | 2026-06-16 22:48 +0100 |
| Message-ID | <wwvik7ib1ic.fsf@LkoBDZeT.terraraq.uk> |
| In reply to | #60676 |
Ian
<${send-direct-email-to-news1021-at-jusme-dot-com-if-you-must}@jusme.com>
writes:
> On 2026-06-16, Theo <theom+news@chiark.greenend.org.uk> wrote:
>
>> On PCs you could always reformat the PC and install OpenBSD
>
> Don't forget Microsoft controls the bootloader on all modern PCs[1].
No. The thing they control is the signing key which modern PCs trust by
default. But that does not represent full control of the boot loader by
any means: you can disable secure boot, generally very easily (I have
done it a number of times for pragmatic reasons, most recently this
evening as a temporary measure).
You can also install your own keys.
--
https://www.greenend.org.uk/rjk/
[toc] | [prev] | [next] | [standalone]
| From | Mike Scott <usenet.16@scottsonline.org.uk.invalid> |
|---|---|
| Date | 2026-06-17 08:24 +0100 |
| Message-ID | <110ti3a$1mcr1$1@dont-email.me> |
| In reply to | #60677 |
On 16/06/2026 22:48, Richard Kettlewell wrote:
> you can disable secure boot, generally very easily
Until the makers remove the 'disable secure boot' option, that is. Along
with the ability to install new keys. ("key's expired guv? Just buy a
new mobo").
It makes me uncomfortable that MS seem to 'own' the secure keys to the
world's PCs.
--
Mike Scott
Harlow, England
[toc] | [prev] | [next] | [standalone]
| From | Richard Kettlewell <invalid@invalid.invalid> |
|---|---|
| Date | 2026-06-17 08:44 +0100 |
| Message-ID | <wwvtsr1626f.fsf@LkoBDZeT.terraraq.uk> |
| In reply to | #60679 |
Mike Scott <usenet.16@scottsonline.org.uk.invalid> writes:
> On 16/06/2026 22:48, Richard Kettlewell wrote:
>> you can disable secure boot, generally very easily
>
> Until the makers remove the 'disable secure boot' option, that
> is. Along with the ability to install new keys. ("key's expired guv?
> Just buy a new mobo").
That’s purely speculative; it’s not happened in 15 years of secure boot
on PCs. (Also it would violate Microsoft’s Windows hardware
compatibility requirements.)
> It makes me uncomfortable that MS seem to 'own' the secure keys to the
> world's PCs.
I’d rather it was someone more independent too, but Microsoft have the
technical capability to get it right and very strong incentives to do so
(anything they sign impacts the entire Windows customer base).
--
https://www.greenend.org.uk/rjk/
[toc] | [prev] | [next] | [standalone]
| From | Chris <ithinkiam@gmail.com> |
|---|---|
| Date | 2026-06-16 14:29 +0000 |
| Message-ID | <110rmjc$167ed$2@dont-email.me> |
| In reply to | #60671 |
David <wibble@btinternet.com> wrote: > I was wondering how they expected to do this. > > Are they assuming that all access to social media will be via a mobile > phone or tablet? > > I can't see on device enforcement working for a PC. > Even if Apple and Microsoft cave, there are older versions of Windows and > a whole raft of Linux distributions. > > Perhaps I should hang onto my stock of non W10 compatible devices to > install Linux (or other Unix-a-like) to rent out to mid-teens to stay > connected. I believe this is to counter some of the gaps in the Australian system. Although many child accounts on social media were shut down, about 70% of children are still accessing SM. Having one source of truth (i.e. the device) should be more effective. Yes, it'll work far less with (Widows) PCs, but then you don't see kids on the bus carrying their Dells ;) The downside is that we will *all* have to do this to prove we are not children.
[toc] | [prev] | [next] | [standalone]
| From | "s|b" <me@privacy.invalid> |
|---|---|
| Date | 2026-06-16 17:03 +0200 |
| Message-ID | <n9d6stFdt9lU2@mid.individual.net> |
| In reply to | #60673 |
On Tue, 16 Jun 2026 14:29:00 -0000 (UTC), Chris wrote: > I believe this is to counter some of the gaps in the Australian system. > Although many child accounts on social media were shut down, about 70% of > children are still accessing SM. I was never about the children... -- s|b
[toc] | [prev] | [next] | [standalone]
| From | Chris <ithinkiam@gmail.com> |
|---|---|
| Date | 2026-06-16 23:31 +0000 |
| Message-ID | <110smd6$1g320$1@dont-email.me> |
| In reply to | #60674 |
s|b <me@privacy.invalid> wrote: > On Tue, 16 Jun 2026 14:29:00 -0000 (UTC), Chris wrote: > >> I believe this is to counter some of the gaps in the Australian system. >> Although many child accounts on social media were shut down, about 70% of >> children are still accessing SM. > > I was never about the children... That's false. Don't fall for the techbro narrative.
[toc] | [prev] | [next] | [standalone]
| From | "s|b" <me@privacy.invalid> |
|---|---|
| Date | 2026-06-17 15:48 +0200 |
| Message-ID | <n9fmt6FptfsU1@mid.individual.net> |
| In reply to | #60678 |
On Tue, 16 Jun 2026 23:31:50 -0000 (UTC), Chris wrote: > s|b <me@privacy.invalid> wrote: > > On Tue, 16 Jun 2026 14:29:00 -0000 (UTC), Chris wrote: > > > >> I believe this is to counter some of the gaps in the Australian system. > >> Although many child accounts on social media were shut down, about 70% of > >> children are still accessing SM. > > > > I was never about the children... > That's false. Don't fall for the techbro narrative. Don't tell me you believe it was all about the children? -- s|b
[toc] | [prev] | [next] | [standalone]
| From | Richard Kettlewell <invalid@invalid.invalid> |
|---|---|
| Date | 2026-06-16 17:27 +0100 |
| Message-ID | <wwvfr2mmow9.fsf@LkoBDZeT.terraraq.uk> |
| In reply to | #60671 |
David <wibble@btinternet.com> writes: > I was wondering how they expected to do this. > > Are they assuming that all access to social media will be via a mobile > phone or tablet? > > I can't see on device enforcement working for a PC. > Even if Apple and Microsoft cave, there are older versions of Windows and > a whole raft of Linux distributions. If the device can’t/won’t provide sufficient information there are plenty of fallbacks to establish a lower bound on age. Most obviously, age can be recovered from identity, and tools for confirming identity online are well-established and already heavily used by the financial sector and government. There are also indirect approaches, e.g. being able to authorize a credit card transaction. Personally I think social media should be restricted to people with basic critical thinking skills, rather than purely on age. -- https://www.greenend.org.uk/rjk/
[toc] | [prev] | [next] | [standalone]
| From | Gordon <Gordon@leaf.net.nz> |
|---|---|
| Date | 2026-06-17 08:11 +0000 |
| Message-ID | <n9f359Fmkm9U3@mid.individual.net> |
| In reply to | #60675 |
On 2026-06-16, Richard Kettlewell <invalid@invalid.invalid> wrote: > David <wibble@btinternet.com> writes: >> I was wondering how they expected to do this. >> >> Are they assuming that all access to social media will be via a mobile >> phone or tablet? >> >> I can't see on device enforcement working for a PC. >> Even if Apple and Microsoft cave, there are older versions of Windows and >> a whole raft of Linux distributions. > > If the device can’t/won’t provide sufficient information there are > plenty of fallbacks to establish a lower bound on age. > > Most obviously, age can be recovered from identity, and tools for > confirming identity online are well-established and already heavily used > by the financial sector and government. > > There are also indirect approaches, e.g. being able to authorize a > credit card transaction. > > > Personally I think social media should be restricted to people with > basic critical thinking skills, rather than purely on age. > That would be very useful.
[toc] | [prev] | [standalone]
Back to top | Article view | uk.comp.homebuilt
csiph-web